Security In Wireless Sensor Networks – Challenges And Solutions

Security in wireless sensors networks can cover a very broad range of challenges as issues can arise at one, or multiple, points with the network.

For example, there are a number of discrete physical elements comprising a wireless sensor network which need to be secured and monitored: sensors, nodes, gateways, routers, end terminals, and various communication devices to access the network.

This article provides an overview of the various challenges and potential solutions to keep the network secure.

In general, a wireless sensor network is a mesh of many individual sensors, or sensor nodes, which provide information to a centralized location. The network can have a few dozen sensors and be confined to a single piece of equipment, or hundreds of nodes across an industrial installation, to many thousands of nodes spread across a vast environment. In each case. the nodes communicate wirelessly to local routers which in turn communicate to gateways which then communicate with the central system.

Security of the network focuses on physical tamper detection and communications intrusion detection. Beginning with a physical security breach or tampering, an attacker or hacker would first need to determine the footprint of the wireless network to locate the sensors, nodes, etc. Once the elements are identified, the hacker can then employ a number of techniques to breach the wireless sensor network.

Physical issues range from tampering with a sensor to communicate false information (e.g., changing the reading on the level of fluid in a storage tanker to cover theft). to temporarily disabling or jamming a sensor output (e.g., to override a motion detection signal to a central office alarm monitoring station), to destruction of a sensor or communications node.

In most cases, the only recourse to prevent a physical intrusion is by securely locating and isolating the network elements. Determining that a sensor or communications node has been tampered with is usually more critical than actually preventing the tampering, since there is no guaranteed method to prevent intrusions.

Intrusion detection takes the form of understanding the data expected from the network. It is possible to compare data against statistical or historical information from the network. When new data is received which is anomalous or outside the anticipated parameters, this can trigger an event or alarm for investigation. Redundancy can also be employed to check sensor readings. This also provides a method for monitoring the health of the network as well as for security measures.

The communication structure is typically one of two categories: “Ad Hoc” in which the various elements can add to or drop out of the network independently. Elements can communicate with any other in the network. “Infrastructure” in which all elements have a pre-defined place in the network. Elements have a strict hierarchy and path by which they communicate.

Infrastructure type networks can address intrusion detection by use of firewalls between communication elements. Segmentation of the network is generally a good practice as it not only makes it possible to isolate elements, but also simplifies the overall security implementation.

Regardless of the configuration, it’s critical to use a robust communications protocol which can support authentication and encryption.

One of the most critical security measures to implement is authorization control. By only allowing validated access to the network, many security issues are avoided. This is a simple as requiring user names and passwords for all communications, as well as restricting controls and administrative functions to as few users as possible.

A passive security breach is one where a hacker monitors and captures the data transmissions in the network. It is nearly impossible to physically hide a network as each router and gateway is transmitting an electromagnetic signal. Even when no data is being relayed through the network, the communication elements will typically send out beacons or identification requests. Hackers can use these signals to physically locate elements in the network as well as to break down the authentication and authorization codes.

Once a hacker has located the network communication elements, they can intercept the raw data and then decrypt it. In the event that the network does not implement any encryption (e.g., data is sent as clear text traffic) then the hacker will not even need to take the effort of decrypting the data.

Passive breaches are used for acquiring the information from your network. In contrast, there are also active security breaches or intrusion issues to contend with.

One scenario is a malicious hacker that wishes to disable or impair the network. This is of concern to industrial, military and government applications. This can take the form of a “Denial Of Service” (DOS) attack in which a network is flooded with external data to the extent that it can no longer process its own data, or in the form of jamming in which another signal, or noise, is introduced into the wireless network communication frequencies such that the network can no longer communicate.

Another scenario involves injecting viruses or other programs into the network with the hope they will be able to self replicate and cause issues extending beyond the original point of intrusion. For this, there are numerous data monitor programs to validate the data from the network. However this comes at price in terms of both system overhead, personnel for monitoring and real dollars for either purchasing or developing a software package.

Similar to physical tampering, communication security issues are first addressed by controlling access to the wireless sensor network.

As mentioned at the start of this article, this is a short overview of the topic of security in wireless sensor networks. There are numerous books, thesis, white papers and other information available that explore each of the above topics in great detail.

If you found this article interesting and informative, please be sure to sign up for our weekly e-newsletter as well as daily email / RSS Feeds at SourceTech411 .